<?php
class DBAuthenticator extends BaseAuthenticator {
	public function authenticate($userId, $password) {
		if (!$userId || !$password) {
			return FALSE;
		}	

		$dbh = DBConnPoolFactory::getInstance()->getConnPool(AUTH_CONFIG_FILE)->getReadConn();

		$sql = <<< SQL
SELECT userId FROM User WHERE userId = :userId AND password = sha1(:password) AND status = 'A'
SQL;

		$ps = $dbh->prepare($sql);
		$ps->bindValue('userId', $userId);
		$ps->bindValue('password', $password);
		$ret = $ps->execute();

		if (!$ret) {
			error_log("File '" . __File__ . "', " . "Line " . __LINE__ . ": " . print_r($dbh->errorInfo(),1));
			return FALSE;
		}

		$ok = FALSE;
		if ($row = $ps->fetch(PDO::FETCH_ASSOC)) {
			$ok = TRUE;
		}
		$ps->closeCursor();

		return $ok;
	}
}
?>
